I've tried to enable FIPS in KM 1.6.0b2.
The first thing I did was a little research. I found Configuring Firefox for FIPS 140-2
which is an old page, but FF doesn't say how old.
So I followed instructions, gave myself a master password, disabled SSL3 (Privacy & Security>Encryption>>Encrypted Transmission), then Privacy & Security>Encryption>>Protected Storage>Manage Crypto Devices. In Device Manager, select NSS Internal PKCS #11 Module
and click "Enable FIPS". Nothing much happened. Actually, nothing happened.
Perservering, open "about:config", and make sure as many of the settings in "ssl" filter as I can find are set according to the FF site, almost all by switching them off
. Essentially, disable SSL3 and unset a number of cyphers.
However, I still see no indication that FIPS has in fact been enabled: going by the FF guide, I should see that in the Device Manager.
So, does KM 1.6.0b2 support FIPS 140-2? Or do we have a bug?
Allied to this is a question about the security padlock at lower left corner.
On a secure website, I expect to see this with an orange/amber URL bar
But on Secure Wikipedia (https
:\\en...) I see a red URL bar with a broken padlock
. BTW, Secure Wikipedia has always done this.
Am I reading the padlocks correctly?
Gigabyte H61M-USB3-B3 r2.0, I5-2400 3.10GHz, 4GB RAM; W7HPx64 SP1, Lotus SmartSuite 9.8, K-Meleon 76RC, IE11, Clyton email 15.0, Foxit Reader 188.8.131.526, PaintShop Pro 6.02, Avast! 12.3.2280, SuRun 184.108.40.206, VoodooShield 3.59b
"Learning is not compulsory. Neither is survival." Dr. W. Edwards Deming.
Edited 1 time(s). Last edit at 09/25/2011 09:01PM by gordon451.